* Ethan Benson (erbenson@alaska.net) [011108 07:56]: > On Thu, Nov 08, 2001 at 03:43:56PM +0100, Wichert Akkerman wrote: > > Previously Ethan Benson wrote: > > > its not, it provides you NO extra security whatsoever, and will break > > > many many things. > > > > It breaks a fair number of scripts that script-kiddies use, and as > > such it is somewhat useful. > > 1: if your system is vulnerable to script kiddies then admin needs to > be taken out back and beaten with a large LART. Well, on some level, *every* system is vulnerable to scriptkiddies. The worst security flaw is admin hubris; always remember that you are not immune. > 2: if the script kiddie even has 2 tenths of a percent of clue he will > figure out how to move the file somewhere else, or use my earlier > mentiond ld//bin/sh method of execution. This is the whole point of a scriptkiddie; they don't know what they're dong -- they just download the sploits and run them. If they work, they work, if they don't they go on to the next machine in pac bell's DSL subnets =p -- Vineet http://www.anti-dmca.org Unauthorized use of this .sig may constitute violation of US law. echo Qba\'g gernq ba zr\! |tr 'a-zA-Z' 'n-za-mN-ZA-M'
Attachment:
pgpPF86l0PKbg.pgp
Description: PGP signature